[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH 2/3] Make SASL work over UNIX domain sockets



The addrToString methods were not coping with UNIX domain sockets
which have no normal host+port address. Hardcode special handling
for these so that SASL routines can work over UNIX sockets. Also
fix up SSF logic in remote client so that it presumes that a UNIX
socket is secure

* daemon/remote.c: Fix addrToString for UNIX sockets.
* src/remote/remote_driver.c: Fix addrToString for UNIX sockets
  and fix SSF logic to work for TLS + UNIX sockets in the same
  manner
---
 daemon/remote.c            |    8 ++++++++
 src/remote/remote_driver.c |   22 +++++++++++++++-------
 2 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/daemon/remote.c b/daemon/remote.c
index 3db9790..6b67678 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -3263,6 +3263,14 @@ static char *addrToString(remote_error *rerr,
     int err;
     struct sockaddr *sa = (struct sockaddr *)ss;
 
+    if (sa->sa_family == AF_UNIX) {
+        if (!(addr = strdup("127.0.0.1;0"))) {
+            virReportOOMError();
+            return NULL;
+        }
+        return addr;
+    }
+
     if ((err = getnameinfo(sa, salen,
                            host, sizeof(host),
                            port, sizeof(port),
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index a945710..acba01e 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -6676,6 +6676,14 @@ static char *addrToString(struct sockaddr_storage *ss, socklen_t salen)
     int err;
     struct sockaddr *sa = (struct sockaddr *)ss;
 
+    if (sa->sa_family == AF_UNIX) {
+        if (!(addr = strdup("127.0.0.1;0"))) {
+            virReportOOMError();
+            return NULL;
+        }
+        return addr;
+    }
+
     if ((err = getnameinfo(sa, salen,
                            host, sizeof(host),
                            port, sizeof(port),
@@ -6977,12 +6985,12 @@ remoteAuthSASL (virConnectPtr conn, struct private_data *priv, int in_open,
     }
 
     memset (&secprops, 0, sizeof secprops);
-    /* If we've got TLS, we don't care about SSF */
-    secprops.min_ssf = priv->uses_tls ? 0 : 56; /* Equiv to DES supported by all Kerberos */
-    secprops.max_ssf = priv->uses_tls ? 0 : 100000; /* Very strong ! AES == 256 */
+    /* If we've got a secure channel (TLS or UNIX sock), we don't care about SSF */
+    secprops.min_ssf = priv->is_secure ? 0 : 56; /* Equiv to DES supported by all Kerberos */
+    secprops.max_ssf = priv->is_secure ? 0 : 100000; /* Very strong ! AES == 256 */
     secprops.maxbufsize = 100000;
-    /* If we're not TLS, then forbid any anonymous or trivially crackable auth */
-    secprops.security_flags = priv->uses_tls ? 0 :
+    /* If we're not secure, then forbid any anonymous or trivially crackable auth */
+    secprops.security_flags = priv->is_secure ? 0 :
         SASL_SEC_NOANONYMOUS | SASL_SEC_NOPLAINTEXT;
 
     err = sasl_setprop(saslconn, SASL_SEC_PROPS, &secprops);
@@ -7164,8 +7172,8 @@ remoteAuthSASL (virConnectPtr conn, struct private_data *priv, int in_open,
         }
     }
 
-    /* Check for suitable SSF if non-TLS */
-    if (!priv->uses_tls) {
+    /* Check for suitable SSF if not already secure (TLS or UNIX sock) */
+    if (!priv->is_secure) {
         err = sasl_getprop(saslconn, SASL_SSF, &val);
         if (err != SASL_OK) {
             remoteError(VIR_ERR_AUTH_FAILED,
-- 
1.7.2.2


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]